Posted 3/4/2024, 10:47:04 PM
North Korean Hackers Exploited Windows 0-Day for Months to Install Stealthy Malware
- The attackers exploited a Windows 0-day for roughly six months after Microsoft was made aware of it, before a patch shipped
- The attackers were backed by North Korea and used the bug to install a stealthy rootkit called FudModule
- The vulnerability gave malware already running with administrator rights a reliable way to execute code in the Windows kernel (an admin-to-kernel escalation)
- Microsoft does not treat admin-to-kernel as a security boundary, so its policy is to fix such bugs at its discretion rather than as a guaranteed security servicing commitment
- The 0-day let the attackers load the rootkit more stealthily than techniques like BYOVD (Bring Your Own Vulnerable Driver), which require dropping and loading an extra signed third-party driver that defenders can spot or block-list